Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2023-5050
- EPSS 0.16%
- Veröffentlicht 20.10.2023 07:15:17
- Zuletzt bearbeitet 21.11.2024 08:40:58
The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers wi...
5.4
CVE-2021-24468
- EPSS 0.18%
- Veröffentlicht 02.08.2021 11:15:09
- Zuletzt bearbeitet 21.11.2024 05:53:07
The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues
1